﻿<?php include("config.php"); 

$bg1 = BG_1;
$bg2 = BG_2;
$bg3 = BG_3;
$bg4 = BG_4;

 if(iscupadmin($userID)) {
 
 echo '<LI><h1><a href="admincenter.phpcuptickets"><img src="images/cup/icons/home_icon.gif" width="18" height="18"></a> Support & Protest Tickets<br></h1>';
 
/* QUERIES */

if($_POST['createdepartment']) {
   if(!$_POST['department']) die('You must name the department.');
   safe_query("INSERT INTO ".PREFIX."cup_departments (`department`) VALUES ('".$_POST['department']."')");
   redirect('cuptickets', '<center><b>Department successfully created!</b></center>', 2); 
   
}elseif(isset($_GET['action']) && $_GET['action']=="showall") {
   $query = safe_query("SELECT * FROM ".PREFIX."cup_matches WHERE einspruch='1'");
     if(!mysql_num_rows($query)) $no_protests = "Oopz! Looks like there are no protest matches!";
       while($ds = mysql_fetch_array($query)) {
         safe_query("INSERT INTO ".PREFIX."cup_tickets (`cupID`,`ladID`,`matchID`,`subject`,`desc`) VALUES ('".$ds['cupID']."', '".$ds['ladID']."', '".$ds['matchID']."', '(unspecified subject)', '(unspecified message)')");                
    }    
}elseif($_GET['action']=="update" && $_GET['departmentID']) {
  safe_query("UPDATE ".PREFIX."cup_tickets SET department='".$_GET['departmentID']."', updated='".time()."' WHERE ticketID='".$_GET['ticketID']."'");
  redirect('cuptickets', '<center><b>Ticket successfully assigned to department!</b></center>', 2); 
  
}elseif($_GET['action']=="update" && $_GET['status']) {
  safe_query("UPDATE ".PREFIX."cup_tickets SET status='".$_GET['status']."' WHERE ticketID='".$_GET['ticketID']."'");
  redirect('cuptickets', '<center><b>Ticket status successfully changed!</b></center>', 2); 

}elseif($_GET['action']=="delete" && $_GET['ticketID']) {
  safe_query("DELETE FROM ".PREFIX."cup_tickets WHERE ticketID='".$_GET['ticketID']."'");
  safe_query("DELETE FROM ".PREFIX."comments WHERE parentID='".$_GET['ticketID']."' && type='ts'");
  redirect('cuptickets', '<center><b>Ticket successfully deleted!</b></center>', 2); 

}elseif($_POST['editdepartment']) {
  safe_query("UPDATE ".PREFIX."cup_departments SET department = '".$_POST['department']."' WHERE ID='".$_POST['ID']."'");
  redirect('cuptickets', '<center><b>Department successfully edited!</b></center>', 2); 

}elseif($_GET['action']=="delete" && $_GET['department']) {
  safe_query("DELETE FROM ".PREFIX."cup_departments WHERE ID='".$_GET['department']."'");
  safe_query("DELETE FROM ".PREFIX."cup_tickets WHERE department='".$_GET['department']."'");
  
  $query = safe_query("SELECT ticketID FROM ".PREFIX."cup_tickets WHERE department='".$_GET['department']."'");
    while($ds=mysql_fetch_array($query)) {    
       safe_query("DELETE FROM ".PREFIX."comments WHERE parentID='".$ds['ticketID']."' && type='ts'");
    }
  redirect('cuptickets', '<center><b>Department and tickets assigned to department successfully deleted!</b></center>', 2); 

}

/* TICKET ORDERING */

$order_tickets = ($order_by ? "ORDER BY updated DESC" : "ORDER BY time DESC");
$hide_closed = ($hide_closed_tickets ? "AND status!='5'" : "");

/* DEPARTMENTS */

$departments = '<option value="" selected>-- Edit Department --</option>';
  $query = safe_query("SELECT ID, department FROM ".PREFIX."cup_departments");
    $num_departments = mysql_num_rows($query);
      while($pt = mysql_fetch_array($query)) {
         $departments .= '<option value="'.$pt['ID'].'">'.$pt['department'].'</option>';
         $departments_l.='<option value="'.$pt['ID'].'">'.$pt['department'].'</option>';
     }
     
if($_GET['department']) {
  echo '<form method="post" name="post" action="cuptickets">
          <input type="text" name="department" value="'.departmentname($_GET['department']).'">
          <input type="hidden" name="ID" value="'.$_GET['department'].'">
          <input type="submit" name="editdepartment" value="Edit Department">
        </form>
         OR <a href="cuptickets/action-delete&department='.$_GET['department'].'" onclick="return confirm(\'Deleting this department is non recoverable will also delete all tickets assigned to this department.\');"><b>Delete Department</b></a>';
}else{
  echo '<select name="department" onChange="MM_confirm(\'Edit Department?\', \'admincenter.phpcuptickets&department=\'+this.value)">'.$departments.'</select>';
}
     
     
   if(!$num_departments) 
       echo '<form method="post" name="post" action="cuptickets">
                 <input type="text" name="department">
                 <input type="submit" name="createdepartment" value="Add Department">
               </form>';
   else
       echo '
               <form method="post" name="post" action="cuptickets">
                 <input type="text" name="department">
                 <input type="submit" name="createdepartment" value="Add Department">
               </form>';

 if(isset($_GET['tickID']) && $_GET['action']=="view_ticket") {
    
    $ID = $_GET['tickID'];
 
    $query = safe_query("SELECT * FROM ".PREFIX."cup_tickets WHERE ticketID='$ID'");
    $ds = mysql_fetch_array($query);
    
    $update = safe_query("SELECT * FROM ".PREFIX."comments WHERE type='ts' && parentID='".$ds['ticketID']."' ORDER BY commentID DESC");
    $tic = mysql_fetch_array($update); $num_rows = mysql_num_rows($update);  
    
    $subject = getinput($ds['subject']);
    $date = date('l M dS Y \@\ g:i a', $ds['time']);
    $user = '<a href="profile&id='.$ds['userID'].'"><b>'.getnickname($ds['userID']).'</b></a>';
    $staff = ($ds['adminID'] ? '<a href="profile&id='.$ds['adminID'].'"><b>'.getnickname($ds['adminID']).'</b></a>' : "n/a");
    
    if($ds['matchID']) {
       $dm=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."cup_matches WHERE matchID='".$ds['matchID']."'"));
       $desc = getname1($dm['clan1'],getleagueID($ds['matchID']),$ac=1,league($ds['matchID'])).' vs '.getname1($dm['clan2'],getleagueID($ds['matchID']),$ac=1,league($ds['matchID'])).' - <a href='.matchlink($ds['matchID'],$ac=1,$tg=1).'><img src="images/icons/foldericons/newhotfolder.gif"></a>';
    }else
       $desc = cleartext(stripslashes(str_replace(array('\r\n', '\n'),array("\n","\n" ), $ds['desc'])),$bbcode=true, $calledfrom='admin');
    
    if(!$num_rows)
        $updated_date = "(no update)";
    else{
        $updated_date = date('l M dS Y \@\ g:i a', $tic['date']);
        $updated_by = 'by '.(iscupadmin($userID) ? "admin" : "user").' <a href="profile&id='.$tic['userID'].'"><b>'.getnickname($tic['userID']).'</b></a>';
   }
       
              $lc=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."comments WHERE parentID='".$ds['ticketID']."' && type='ts' ORDER BY date DESC LIMIT 0,1"));
              $autoclose = time()-$ticket_autoclose_time;
            
              if(!$lc['date'] && $ds['time'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket)) 
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'"); 
              elseif($lc['date'] && $lc['date'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket))
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'");  
              
       
    $updated_date = ($ds['time']>$ds['updated'] ? "(no update)" : date('l M dS Y \@\ g:i a', $ds['updated']));
    
         if($ds['status']==1)
            $status = $status_unreviewed;
         elseif($ds['status']==2)
            $status = $status_pending;
         elseif($ds['status']==3)
            $status = $status_onhold;
         elseif($ds['status']==4)
            $status = $status_waiting;
         elseif($ds['status']==5)
            $status = $status_resolved;         
         elseif($ds['status']==6)
            $status = $status_custom1;
         elseif($ds['status']==7)
            $status = $status_custom2;
            
      if($ds['matchID']) { 
         $db=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."cup_matches WHERE matchID='".$ds['matchID']."'"));
         $type = '<font color="red"><b>Match Protest</b></font>';
      }else{
         $type = departmentname($ds['department']);
      }

      $irc = '<a href="javascript:MM_openBrWindow(\'cup_chat/protest_chat.php?tickID='.$_GET['tickID'].'\',\'Protest Chat\',\'scrollbars=no,width=650,height=410\')"><img border="0" src="images/cup/icons/irc.png"></a>';
   
	  eval ("\$mytickets = \"".gettemplate("view_ticket")."\";");
	  echo $mytickets;
	  
		$parentID = $ds['ticketID'];
		$comments_allowed = 4;
		$type = "ts";
		$referer = "admincenter.phpcuptickets/action-view_ticket&tickID=$_GET[tickID]";

		include("comments.php");
 
 }else{

/* Protest Tickets */ 
 
 echo "<br><hr><h2>Protest Tickets</h2>";
 
 if($_GET['action']!="showall")
    echo 'Current/previous protests below V5 will not show - <a href="cuptickets/action-showall"><b>click here</b></a> to show them now.<br><br>';
 else
    echo $no_protests."<br><br>";
 
 
  $table_header =  '
        <table cellpadding="4" cellspacing="0" width="100%">
          <tr>
            <td class="title" align="center">Ticket ID</td>
            <td class="title" align="center">League - ID</td>
            <td class="title" align="center">Match ID</td>
            <td class="title" align="center">Subject</td>
            <td class="title" align="center">Match-Media</td>
            <td class="title" align="center">Status</td>
            <td class="title" align="center">Action</td>
          </tr>';
 
   $query = safe_query("SELECT * FROM ".PREFIX."cup_tickets WHERE department='0' $hide_closed $order_tickets");
     if(mysql_num_rows($query)) { echo $table_header;
       while($ds=mysql_fetch_array($query)) {
       
       $db=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."cup_matches WHERE matchID='".$ds['matchID']."'"));     
       $type = ($ds['ladID'] ? "laddID" : "cupID"); 
       $cupID = ($ds['ladID'] ? $ds['ladID'] : $ds['cupID']);
       $media=($db['screens'] ? "Yes" : "No");   
       
         if($ds['status']==1)
            $status = $status_unreviewed;
         elseif($ds['status']==2)
            $status = $status_pending;
         elseif($ds['status']==3)
            $status = $status_onhold;
         elseif($ds['status']==4)
            $status = $status_waiting;
         elseif($ds['status']==5)
            $status = $status_resolved;         
         elseif($ds['status']==6)
            $status = $status_custom1;
         elseif($ds['status']==7)
            $status = $status_custom2;
            
              $lc=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."comments WHERE parentID='".$ds['ticketID']."' && type='ts' ORDER BY date DESC LIMIT 0,1"));
              $autoclose = time()-$ticket_autoclose_time;
            
              if(!$lc['date'] && $ds['time'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket)) 
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'"); 
              elseif($lc['date'] && $lc['date'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket))
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'");  
              
            
            $dp=mysql_fetch_array(safe_query("SELECT department FROM ".PREFIX."cup_departments WHERE ID='".$ds['department']."'"));
            $departments=str_replace(' selected', '', $departments_l);
	        $departments=str_replace('value="'.$ds['department'].'"', 'value="'.$ds['department'].'" selected', $departments_l);
	        
     	    $dd_status='<option value="1">'.$status_unreviewed.'</option><option value="2">'.$status_pending.'</option><option value="3">'.$status_onhold.'</option><option value="4">'.$status_waiting.'</option><option value="5">'.$status_resolved.'</option><option value="6">'.$status_custom1.'</option><option value="7">'.$status_custom2.'</option>';
 	        $dd_status=str_replace(' selected', '', $dd_status);
      	    $dd_status=str_replace('value="'.$ds['status'].'"', 'value="'.$ds['status'].'" selected', $dd_status);
       
         if($delete_confirmed_protests && $db['confirmscore'] && !$db['einspruch'])
            safe_query("DELETE FROM ".PREFIX."cup_tickets WHERE ticketID='".$ds['ticketID']."'");
            
	     if($db['cupID']){
            $league = "Brackets";
            $cup_link = '<a href="admincenter.phpcups/action-baum&ID='.$ds['cupID'].'">'.$ds['cupID'].'</a>';
         }else{
            $league = "Ladder";
            $cup_link = '<a href="standings&ladderID='.$ds['ladID'].'" target="_blank">'.$ds['ladID'].'</a>';
         }if(in_array($db['ladID'],$groups_array) || in_array($db['cupID'],$groups_array)) {
	        $details_link = 'cup_matches&match='.$db['matchID'].'&'.$type.'='.$cupID.'&type=gs';
	        $league = "Groups";
	        $admin_link = 'matches.php?action=edit&matchID='.$db['matchID'].'';
            $cup_link = '<a href="groups&'.$type.'='.$cupID.'" target="_blank">'.$cupID.'</a>';
	     }elseif(!$db['matchno']){
	        $details_link = 'cup_matches&matchID='.$db['matchID'].'&'.$type.'='.$cupID.'';
	        $admin_link = 'matches.php?action=edit&matchID='.$db['matchID'].'';
	     }else{
	        $details_link = 'cup_matches&match='.$db['matchno'].'&'.$type.'='.$cupID.'';
	        $admin_link = 'matches.php?action=edit&match='.$db['matchno'].'&'.$type.'='.$cupID.'';
         }
         
            $match_details = '<a href="'.$details_link.'" target="_blank"><img src="images/icons/foldericons/newhotfolder.gif"></a>'; 
            $action= '<a href="cuptickets/action-view_ticket&tickID='.$ds['ticketID'].'"><img src="images/icons/foldericons/folder.gif"></a>'; 
         
       echo '<tr>
               <td align="center">'.$ds['ticketID'].'</td>
               <td align="center">'.$league.' - '.$cup_link.'</td>
               <td align="center"><a href="'.$admin_link.'&type=protest" onClick="MM_openBrWindow(this.href,\'View Match\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=600\');return false">'.$ds['matchID'].'</a> - '.$match_details.'</td>
               <td align="center">'.getinput($ds['subject']).'</td>
               <td align="center">'.$media.'</td>
               <td align="center"><select name="status" onChange="MM_confirm(\'Note: If the ticket auto-closes, look at the config $ticket_autoclose_time variable setting.\', \'cuptickets/action-update&ticketID='.$ds['ticketID'].'&status=\'+this.value)">'.$dd_status.'</select></td>
               <td align="center">'.$action.' <a href="cuptickets/action-delete&ticketID='.$ds['ticketID'].'" onclick="return confirm(\'Deleting this ticket is non recoverable and will also be no longer available to the customer.\');"><img src="images/cup/error.png" width="16" height="16"></a></td>
             </tr>';
       
       
       }
 
        echo "</table>";
    }else
      echo "No protest tickets";

     echo "<br><hr>";  
 
/* Support Tickets */

 echo "<h2>Support Tickets</h2>";
 
  $table_header =  '

        <table width="100%" cellspacing="1" cellpadding="3"  bgcolor="'.$border.'">
          <tr>
            <td class="title" align="center">Ticket ID</td>
            <td class="title" align="center">Department</td>
            <td class="title" align="center">Subject</td>
	    <td class="title" align="center">User</td>
            <td class="title" align="center">Status</td>
            <td class="title" align="center">Action</td>
          </tr>
	  <tr>
	    <td colspan="6" bgcolor="'.$pagebg.'">
	  </tr>';
 
   $query = safe_query("SELECT * FROM ".PREFIX."cup_tickets WHERE department!='0' $hide_closed $order_tickets");
     if(mysql_num_rows($query)) { echo $table_header;
       while($ds=mysql_fetch_array($query)) {  
       
         if($ds['status']==1)
            $status = $status_unreviewed;
         elseif($ds['status']==2)
            $status = $status_pending;
         elseif($ds['status']==3)
            $status = $status_onhold;
         elseif($ds['status']==4)
            $status = $status_waiting;
         elseif($ds['status']==5)
            $status = $status_resolved;         
         elseif($ds['status']==6)
            $status = $status_custom1;
         elseif($ds['status']==7)
            $status = $status_custom2;
            
              $lc=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."comments WHERE parentID='".$ds['ticketID']."' && type='ts' ORDER BY date DESC LIMIT 0,1"));
              $autoclose = time()-$ticket_autoclose_time;
            
              if(!$lc['date'] && $ds['time'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket)) 
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'"); 
              elseif($lc['date'] && $lc['date'] <= $autoclose && in_array($ds['status'],$only_autoclose_ticket))
                 safe_query("UPDATE ".PREFIX."cup_tickets SET status = '$ticket_autoclose_status' WHERE ticketID='".$ds['ticketID']."'");  
              
            
            $dp=mysql_fetch_array(safe_query("SELECT department FROM ".PREFIX."cup_departments WHERE ID='".$ds['department']."'"));
            $departments=str_replace(' selected', '', $departments_l);
	        $departments=str_replace('value="'.$ds['department'].'"', 'value="'.$ds['department'].'" selected', $departments_l);
	        
     	    $dd_status='<option value="1">'.$status_unreviewed.'</option><option value="2">'.$status_pending.'</option><option value="3">'.$status_onhold.'</option><option value="4">'.$status_waiting.'</option><option value="5">'.$status_resolved.'</option><option value="6">'.$status_custom1.'</option><option value="7">'.$status_custom2.'</option>';
 	        $dd_status=str_replace(' selected', '', $dd_status);
      	    $dd_status=str_replace('value="'.$ds['status'].'"', 'value="'.$ds['status'].'" selected', $dd_status);
              
            $action= '<a href="cuptickets/action-view_ticket&tickID='.$ds['ticketID'].'"><img src="images/icons/foldericons/folder.gif"></a>'; 
       
       echo '<tr>
               <td align="center" bgcolor="'.$bg1.'">'.$ds['ticketID'].'</td>
               <td align="center" bgcolor="'.$bg1.'"><select name="department" onChange="MM_confirm(\'Change department?\', \'cuptickets/action-update&ticketID='.$ds['ticketID'].'&departmentID=\'+this.value)">'.$departments.'</select></td>
               <td align="center" bgcolor="'.$bg1.'">'.getinput($ds['subject']).'</td>
	       <td align="center" bgcolor="'.$bg1.'"><a href="profile&id='.$ds['userID'].'" target="_blank">'.getnickname($ds['userID']).'</a></td>
               <td align="center" bgcolor="'.$bg1.'"><select name="status" onChange="MM_confirm(\'Note: If the ticket auto-closes, look at the config $ticket_autoclose_time variable setting.\', \'cuptickets/action-update&ticketID='.$ds['ticketID'].'&status=\'+this.value)">'.$dd_status.'</select></td>
               <td align="center" bgcolor="'.$bg1.'">'.$action.' <a href="cuptickets/action-delete&ticketID='.$ds['ticketID'].'" onclick="return confirm(\'Deleting this ticket is non recoverable and will also be no longer available to the customer.\');"><img src="images/cup/error.png" width="16" height="16"></a></td>
             </tr>';
       
       
       }
 
        echo "</table>";
    }else
      echo "No support tickets";
   
  }
 
} 
?>